diff --git a/courier-imap-4.8.0-certsdir.patch b/courier-imap-4.8.0-certsdir.patch deleted file mode 100644 index 8a0a7d8..0000000 --- a/courier-imap-4.8.0-certsdir.patch +++ /dev/null @@ -1,351 +0,0 @@ -diff -ruN courier-imap-4.8.0-orig/configure courier-imap-4.8.0/configure ---- courier-imap-4.8.0-orig/configure 2010-05-30 23:20:04.000000000 +0200 -+++ courier-imap-4.8.0/configure 2010-08-05 16:27:03.000000000 +0200 -@@ -890,6 +890,7 @@ - with_socks - with_authchangepwdir - with_package -+with_certsdir - ' - ac_precious_vars='build_alias - host_alias -@@ -1540,6 +1541,7 @@ - - --with-db=gdbm Use the GDBM library. - --with-db=db Use the libdb.a library. -+ --with-certsdir[=ARG] Directory where certs are created - - Some influential environment variables: - CC C compiler command -@@ -11104,6 +11106,12 @@ - HAVE_HTML_FALSE= - fi - -+# Check whether --with-certsdir was given. -+if test "${with_certsdir+set}" = set; then : -+ withval=$with_certsdir; certsdir="$withval" -+else -+ certsdir=$datadir -+fi - - ac_config_files="$ac_config_files Makefile dbobj.h dbobj.config imapd.rc imapd-ssl.rc pop3d.rc pop3d-ssl.rc courier-imap.sysvinit courier-imap.spec courier-imap.lpspec INSTALL.html packaging/suse/courier-imap.init" - -diff -ruN courier-imap-4.8.0-orig/imap/configure courier-imap-4.8.0/imap/configure ---- courier-imap-4.8.0-orig/imap/configure 2010-05-30 23:20:45.000000000 +0200 -+++ courier-imap-4.8.0/imap/configure 2010-08-05 16:30:02.000000000 +0200 -@@ -753,6 +753,7 @@ - HAVE_SGML_FALSE - HAVE_SGML_TRUE - mydatadir -+certsdir - smap - NETLIBS - dblibrary -@@ -902,6 +903,7 @@ - enable_workarounds_for_imap_client_bugs - with_dirsync - with_smap -+with_certsdir - with_package - with_version - with_trashquota -@@ -1556,14 +1558,15 @@ - both] - --with-gnu-ld assume the C compiler uses GNU ld [default=no] - --with-mailer=prog Your mail submission program -- --with-random=/dev/urandom - location of the system random file generator ----without-random - there is no system random file generator -+ --with-random=/dev/urandom - location of the system random file generator -+ --without-random - there is no system random file generator - - --with-piddir Directory where imapd.pid is created - -- --with-dirsync Manually sync queue file directory -- --without-smap Do not compile SMAP support -- --with-trashquota Count deleted messages as part of the quota -+ --with-dirsync Manually sync queue file directory -+ --without-smap Do not compile SMAP support -+ --with-certsdir[=ARG] Directory where certs are created -+ --with-trashquota Count deleted messages as part of the quota - - Some influential environment variables: - CC C compiler command -@@ -16506,6 +16509,13 @@ - eval "sysconfdir=$sysconfdir" - eval "localstatedir=$localstatedir" - -+# Check whether --with-certsdir was given. -+if test "${with_certsdir+set}" = set; then : -+ withval=$with_certsdir; certsdir="$withval" -+else -+ certsdir="$datadir" -+fi -+ - mydatadir="$datadir" - # Avoid useless autoconf warning - -diff -ruN courier-imap-4.8.0-orig/imap/imapd.cnf.openssl.in courier-imap-4.8.0/imap/imapd.cnf.openssl.in ---- courier-imap-4.8.0-orig/imap/imapd.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100 -+++ courier-imap-4.8.0/imap/imapd.cnf.openssl.in 2010-08-05 14:42:33.000000000 +0200 -@@ -1,5 +1,5 @@ - --RANDFILE = @mydatadir@/imapd.rand -+RANDFILE = @certsdir@/imapd.rand - - [ req ] - default_bits = 1024 -@@ -15,7 +15,7 @@ - O=Courier Mail Server - OU=Automatically-generated IMAP SSL key - CN=localhost --emailAddress=postmaster@example.com -+emailAddress=postmaster@localhost - - - [ cert_type ] -diff -ruN courier-imap-4.8.0-orig/imap/imapd-ssl.dist.in courier-imap-4.8.0/imap/imapd-ssl.dist.in ---- courier-imap-4.8.0-orig/imap/imapd-ssl.dist.in 2009-08-13 05:06:42.000000000 +0200 -+++ courier-imap-4.8.0/imap/imapd-ssl.dist.in 2010-08-05 14:37:38.000000000 +0200 -@@ -260,7 +260,7 @@ - # - # This is an experimental feature. - --TLS_CERTFILE=@mydatadir@/imapd.pem -+TLS_CERTFILE=@certsdir@/imapd.pem - - ##NAME: TLS_TRUSTCERTS:0 - # -diff -ruN courier-imap-4.8.0-orig/imap/Makefile.in courier-imap-4.8.0/imap/Makefile.in ---- courier-imap-4.8.0-orig/imap/Makefile.in 2010-05-30 23:20:45.000000000 +0200 -+++ courier-imap-4.8.0/imap/Makefile.in 2010-08-05 14:40:45.000000000 +0200 -@@ -234,6 +234,7 @@ - build_vendor = @build_vendor@ - builddir = @builddir@ - cacerts = @cacerts@ -+certsdir = @certsdir@ - datadir = @datadir@ - datarootdir = @datarootdir@ - dblibrary = @dblibrary@ -diff -ruN courier-imap-4.8.0-orig/imap/mkimapdcert.8.in courier-imap-4.8.0/imap/mkimapdcert.8.in ---- courier-imap-4.8.0-orig/imap/mkimapdcert.8.in 2010-02-20 05:12:44.000000000 +0100 -+++ courier-imap-4.8.0/imap/mkimapdcert.8.in 2010-08-05 14:47:01.000000000 +0200 -@@ -29,18 +29,18 @@ - .SH "DESCRIPTION" - .PP - IMAP over SSL requires a valid, signed, X\&.509 certificate\&. The default location for the certificate file is --@datadir@/imapd\&.pem\&. -+@certsdir@/imapd\&.pem\&. - \fBmkimapdcert\fR - generates a self\-signed X\&.509 certificate, mainly for testing\&. For production use the X\&.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate\&. - .PP - --@datadir@/imapd\&.pem -+@certsdir@/imapd\&.pem - must be owned by the @mailuser@ user and have no group or world permissions\&. The - \fBmkimapdcert\fR - command will enforce this\&. To prevent an unfortunate accident, - \fBmkimapdcert\fR - will not work if --\fB@datadir@/imapd\&.pem\fR -+\fB@certsdir@/imapd\&.pem\fR - already exists\&. - .PP - -@@ -50,7 +50,7 @@ - to be installed\&. - .SH "FILES" - .PP --@datadir@/imapd\&.pem -+@certsdir@/imapd\&.pem - .RS 4 - X\&.509 certificate\&. - .RE -diff -ruN courier-imap-4.8.0-orig/imap/mkimapdcert.html.in courier-imap-4.8.0/imap/mkimapdcert.html.in ---- courier-imap-4.8.0-orig/imap/mkimapdcert.html.in 2010-02-20 05:12:44.000000000 +0100 -+++ courier-imap-4.8.0/imap/mkimapdcert.html.in 2010-08-05 14:39:46.000000000 +0200 -@@ -7,22 +7,22 @@ - -->

Name

mkimapdcert — create a test SSL certificate for IMAP over SSL

Synopsis

@sbindir@/mkimapdcert

DESCRIPTION

- IMAP over SSL requires a valid, signed, X.509 certificate. The default - location for the certificate file is --@datadir@/imapd.pem. -+@certsdir@/imapd.pem. - mkimapdcert generates a self-signed X.509 certificate, - mainly for - testing. - For production use the X.509 certificate must be signed by a - recognized certificate authority, in order for mail clients to accept the - certificate.

--@datadir@/imapd.pem must be owned by the -+@certsdir@/imapd.pem must be owned by the - @mailuser@ user and - have no group or world permissions. - The mkimapdcert command will - enforce this. To prevent an unfortunate accident, - mkimapdcert --will not work if @datadir@/imapd.pem already exists.

-+will not work if @certsdir@/imapd.pem already exists.

- mkimapdcert requires --OpenSSL to be installed.

FILES

@datadir@/imapd.pem
-+OpenSSL to be installed.

FILES

@certsdir@/imapd.pem
- X.509 certificate. -
@sysconfdir@/imapd.cnf
- Parameters used by OpenSSL to -diff -ruN courier-imap-4.8.0-orig/imap/mkimapdcert.in courier-imap-4.8.0/imap/mkimapdcert.in ---- courier-imap-4.8.0-orig/imap/mkimapdcert.in 2007-11-04 21:49:58.000000000 +0100 -+++ courier-imap-4.8.0/imap/mkimapdcert.in 2010-08-05 14:36:53.000000000 +0200 -@@ -18,41 +18,41 @@ - - prefix="@prefix@" - --if test -f @mydatadir@/imapd.pem -+if test -f @certsdir@/imapd.pem - then -- echo "@mydatadir@/imapd.pem already exists." -+ echo "@certsdir@/imapd.pem already exists." - exit 1 - fi - - umask 077 - - cleanup() { -- rm -f @mydatadir@/imapd.pem -- rm -f @mydatadir@/imapd.rand -- rm -f @mydatadir@/imapd.key -- rm -f @mydatadir@/imapd.cert -+ rm -f @certsdir@/imapd.pem -+ rm -f @certsdir@/imapd.rand -+ rm -f @certsdir@/imapd.key -+ rm -f @certsdir@/imapd.cert - exit 1 - } - --cd @mydatadir@ -+cd @certsdir@ - - if test "@ssllib@" = "openssl" - then -- cp /dev/null @mydatadir@/imapd.pem -- chmod 600 @mydatadir@/imapd.pem -- chown @mailuser@ @mydatadir@/imapd.pem -+ cp /dev/null @certsdir@/imapd.pem -+ chmod 600 @certsdir@/imapd.pem -+ chown @mailuser@ @certsdir@/imapd.pem - -- dd if=@RANDOMV@ of=@mydatadir@/imapd.rand count=1 2>/dev/null -+ dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null - @OPENSSL@ req -new -x509 -days 365 -nodes \ -- -config @sysconfdir@/imapd.cnf -out @mydatadir@/imapd.pem -keyout @mydatadir@/imapd.pem || cleanup -- @OPENSSL@ gendh -rand @mydatadir@/imapd.rand 512 >>@mydatadir@/imapd.pem || cleanup -- @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/imapd.pem || cleanup -- rm -f @mydatadir@/imapd.rand -+ -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup -+ @OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup -+ @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup -+ rm -f @certsdir@/imapd.rand - else -- cp /dev/null @mydatadir@/imapd.key -- chmod 600 @mydatadir@/imapd.key -- cp /dev/null @mydatadir@/imapd.cert -- chmod 600 @mydatadir@/imapd.cert -+ cp /dev/null @certsdir@/imapd.key -+ chmod 600 @certsdir@/imapd.key -+ cp /dev/null @certsdir@/imapd.cert -+ chmod 600 @certsdir@/imapd.cert - - @CERTTOOL@ --generate-privkey --outfile imapd.key - @CERTTOOL@ --generate-self-signed --load-privkey imapd.key --outfile imapd.cert --template @sysconfdir@/imapd.cnf -diff -ruN courier-imap-4.8.0-orig/imap/mkpop3dcert.in courier-imap-4.8.0/imap/mkpop3dcert.in ---- courier-imap-4.8.0-orig/imap/mkpop3dcert.in 2007-11-04 21:49:58.000000000 +0100 -+++ courier-imap-4.8.0/imap/mkpop3dcert.in 2010-08-05 14:35:48.000000000 +0200 -@@ -18,41 +18,41 @@ - - prefix="@prefix@" - --if test -f @mydatadir@/pop3d.pem -+if test -f @certsdir@/pop3d.pem - then -- echo "@mydatadir@/pop3d.pem already exists." -+ echo "@certsdir@/pop3d.pem already exists." - exit 1 - fi - - umask 077 - - cleanup() { -- rm -f @mydatadir@/pop3d.pem -- rm -f @mydatadir@/pop3d.rand -- rm -f @mydatadir@/pop3d.key -- rm -f @mydatadir@/pop3d.cert -+ rm -f @certsdir@/pop3d.pem -+ rm -f @certsdir@/pop3d.rand -+ rm -f @certsdir@/pop3d.key -+ rm -f @certsdir@/pop3d.cert - exit 1 - } - --cd @mydatadir@ -+cd @certsdir@ - - if test "@ssllib@" = "openssl" - then -- cp /dev/null @mydatadir@/pop3d.pem -- chmod 600 @mydatadir@/pop3d.pem -- chown @mailuser@ @mydatadir@/pop3d.pem -+ cp /dev/null @certsdir@/pop3d.pem -+ chmod 600 @certsdir@/pop3d.pem -+ chown @mailuser@ @certsdir@/pop3d.pem - -- dd if=@RANDOMV@ of=@mydatadir@/pop3d.rand count=1 2>/dev/null -+ dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null - @OPENSSL@ req -new -x509 -days 365 -nodes \ -- -config @sysconfdir@/pop3d.cnf -out @mydatadir@/pop3d.pem -keyout @mydatadir@/pop3d.pem || cleanup -- @OPENSSL@ gendh -rand @mydatadir@/pop3d.rand 512 >>@mydatadir@/pop3d.pem || cleanup -- @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/pop3d.pem || cleanup -- rm -f @mydatadir@/pop3d.rand -+ -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup -+ @OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup -+ @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup -+ rm -f @certsdir@/pop3d.rand - else -- cp /dev/null @mydatadir@/pop3d.key -- chmod 600 @mydatadir@/pop3d.key -- cp /dev/null @mydatadir@/pop3d.cert -- chmod 600 @mydatadir@/pop3d.cert -+ cp /dev/null @certsdir@/pop3d.key -+ chmod 600 @certsdir@/pop3d.key -+ cp /dev/null @certsdir@/pop3d.cert -+ chmod 600 @certsdir@/pop3d.cert - - @CERTTOOL@ --generate-privkey --outfile pop3d.key - @CERTTOOL@ --generate-self-signed --load-privkey pop3d.key --outfile pop3d.cert --template @sysconfdir@/pop3d.cnf -diff -ruN courier-imap-4.8.0-orig/imap/pop3d.cnf.openssl.in courier-imap-4.8.0/imap/pop3d.cnf.openssl.in ---- courier-imap-4.8.0-orig/imap/pop3d.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100 -+++ courier-imap-4.8.0/imap/pop3d.cnf.openssl.in 2010-08-05 14:43:48.000000000 +0200 -@@ -1,5 +1,5 @@ - --RANDFILE = @mydatadir@/pop3d.rand -+RANDFILE = @certsdir@/pop3d.rand - - [ req ] - default_bits = 1024 -@@ -15,7 +15,7 @@ - O=Courier Mail Server - OU=Automatically-generated POP3 SSL key - CN=localhost --emailAddress=postmaster@example.com -+emailAddress=postmaster@localhost - - - [ cert_type ] -diff -ruN courier-imap-4.8.0-orig/imap/pop3d-ssl.dist.in courier-imap-4.8.0/imap/pop3d-ssl.dist.in ---- courier-imap-4.8.0-orig/imap/pop3d-ssl.dist.in 2009-08-13 05:06:42.000000000 +0200 -+++ courier-imap-4.8.0/imap/pop3d-ssl.dist.in 2010-08-05 14:43:05.000000000 +0200 -@@ -248,7 +248,7 @@ - # - # This is an experimental feature. - --TLS_CERTFILE=@mydatadir@/pop3d.pem -+TLS_CERTFILE=@certsdir@/pop3d.pem - - ##NAME: TLS_TRUSTCERTS:0 - # diff --git a/courier-imap.changes b/courier-imap.changes index 0262cf5..ee88545 100644 --- a/courier-imap.changes +++ b/courier-imap.changes @@ -1,9 +1,3 @@ -------------------------------------------------------------------- -Thu Aug 5 16:06:36 UTC 2010 - chris@computersalat.de - -- have pop3d, imapd ssl certs in /etc/ssl/private - [bnc#628487]; certsdir patch - ------------------------------------------------------------------- Mon Jul 5 15:21:53 UTC 2010 - chris@computersalat.de diff --git a/courier-imap.spec b/courier-imap.spec index e212058..16ad5e8 100644 --- a/courier-imap.spec +++ b/courier-imap.spec @@ -37,8 +37,6 @@ Source9: %{name}-ssl.firewall Patch0: %{name}-4.8.0-sbindir.patch Patch1: %{name}-4.7.0-LDFLAGS.patch Patch2: %{name}-ulimit_conf.diff -# bnc#628487 -Patch3: %{name}-4.8.0-certsdir.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %if 0%{?suse_version} > 910 BuildRequires: audit-libs @@ -85,8 +83,6 @@ install the entire Courier server. %patch0 -p1 %patch1 -p1 %patch2 -# bnc#628487 -%patch3 -p1 %build %configure \ @@ -99,7 +95,6 @@ install the entire Courier server. --enable-unicode \ --with-authdaemonvar=%{_localstatedir}/run/authdaemon.%{name} \ --with-certdb=%{_sysconfdir}/ssl/certs \ - --with-certsdir=%{_sysconfdir}/ssl/private \ --enable-workarounds-for-imap-client-bugs %{__make} %{?jobs:-j%jobs}